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[it *m 1 1 «aroga*<. ®%i<D&wraxi&o>mm 

£ga*<, HiriESg i co8>sitS(cm^<om 1 <ona£f* 
•v -tr-i? t £ Br^rom 2 const «aa U 

*fflUT^2<0»S1f«*»tk/H^L. 
»gfe**Vfcm2<0®^1fS*{l7uL. UiB»«*jWSS 

£ * i: u r ta ti -r * c t zft® t ■? zmz itj£73 
Sc. 

[ii*«2] iiiri2S&2<oiB£iff«<7>#a;lt3lAtfSJ&*s 
J*. 

[R**5] MIEm2roii»M-7?|Jatt<0H»T-&* 
C £ £ 1#® i: -T 1 IzfBiSOS* £J$7j a. 

im>mm 1 1 BirtHm i <o*Bffiif $fi0>#a 
^■r-smi <ogp»itffi**>5raiiiLr, #&aic striae 

£t>LT8c3IU 

iaiES»#E5U£yS2<BSB#1W&££fiJiU *J$**tfc 

ss 2 ostitis £ «JjiH«tiiiiHis&£ tft- l r ttai u 
siai=(5i:r. ttrfESsi rotss«aassrm2©S5»if 



[o 0 O 1 ] 

A#P^r-»a*fiE-r •S^l^ll f-S t <DT- * -So 
[0002] 

Eg) SfcE-r-SfctolcSao&fflflJ-o,!: Lt. Bg^« 

«4<fti&*i.Tii« (auk /mu : ■ ««ie#ait" . p 

p. 224-225 , #8>lfl^£) . 

[0 O O 3 ] Bf^fttBli, ±2 Lfc1fN8a>*Bft«figOMt!! 

feet) $«i^T-#-s^ii«ti, a^rositaiofcit 

wx-£z>T4i>*j\'m%£m£Hz>mm£mm-t2>tztt) 
izmitox&2> z. 1 1 * < sn &*ir^4. 

[0004] ^HSlBt^iCro 1 OfftSRSA 

tlXl^%> C^JxIS. R. Rivest, A. Shamir. L. Adlema 
n, "AMethod for Obtaining Digital Signatures and P 
ub lie-Key Cryptosystems", Communications of the AC 
M, 21. 2, 1978, pp. 120-126. *fc 1**3^4. 405. 8 
28 ^#E§) . 

[0 0 0 5] RS AftmaWAMmftttAlZ 

i>$JUmZ>l3&0)l -OtLX. A. Fiat. A. Sh 
amir|C«fc-oTg|g**lfc^iCA^«fc<fllt.*fr^-5 ("How 

toProve Yourself : Practical Solutions to Identifi 
cation and Signature Problems", Advances in Crypto 
I ogy — Crypto' 87. Lecture Notes i n Computer Sc i enc 
e, 263, Springer-Verlag, 1988. pp. 186-194. *fc 
l**@t$fF 4. 748. 668^#Bg) „ ZOittXte. 

[0006] (D J**.&*ifc> i?ro-r-r i>$)i,m 
T-#*-b>^<osiij*mr=-rsaA^ 1.--.M-1 «il 
aicsi;. s*£t+srrsgaa>*&®iiNfi£-ra. 

[0 0 0 7] (2) ^-roae&a ^a^f£Sal*, a' mod N 
«!U I l*gcd(l. lambda (N))=1*JSfc la 

mbda(N) = lcm(p-1,q-lh gcd(a, b) l*a, b (Og^^jfta. 

Icm(a,b)l*a.b a>&*4Hga£Sl*-r ^tt^L. 
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[0 0 0 8] (3) ^CO^Mf^cfcoT-^^.^tlfc> ^42 — 
i>m <Dt4 V$)l,m%<D±j£mm\^&l*X. {1. ■ * • , M- 
1 } Otofr£>?^VA>l^m\£tltzm®07tr £/Bl^Tft 
g£*LfcR=r~l mod N t. *7L t>tltz'j±m<D* vM — v 
m £2tt$1*-*HER|m *A*tLTW3ea>lifth 
Te=h(R|m)£ftl:-r£o ftlbSA^Ji: Lts=r*a"e(mo 

d n) <Ds\n&m?T-rz>^tiz±^Tmt>titzmj3s & 

tfR 5-7Lh*lfz* viz—i>(D"r>( i>$)Vm&t-f 

[0009] (4) tb&^TL^titz* ?-fe— $*m iZft-fZ 
f-fy^H«(s,R) £fit^-r&*:tf>f3l*. s~l mod N 
£R*(a~ir(h(R|m)) mod WOVt^^iWn U -£;h,£0>$S 

[OOI 0] C.P.Schnorr |z£ o TtI3g**Uc^ 

HHT&^jit ("Efficient Identification and Si gnat 
uresfor Smart Cards", Advances in Crypto logy — Cry 
pto' 89, Lecture Notes inComputer Science, 435, Spr 
inger-Verlag, 1990, pp. 239-252. £f-li*@*$fr4, 
995,082 -S§-#f£) 14. 2l<D&m&?TOo 
[OOI 1] (1) ^-X^Hxtzy- viZ — VCD^f i>$Jlsm 

T-£Z>-il>Z<D&m*&tz?gLm\t {1. - -.P } OIL 

[OO 1 2] (2) *4>B*a &BA/f£Saf*« g'* mod 
q (fflU q lip <0»»Ul*£<fc 5 

GF(q)|cMt-^7Cg (Dtt»*<P ttHh) Sit 

[OOI 3] (3) ^<0&aiz«|:oT^7et)*ifc> 
ym <D^<< v^;^¥^SCD^to31ICfcl^T. ll,"\p 

} CD^^^^>^A|Z^|^n/c^OTCr £fBl>Tft 
Xdilfc R=gf mod q ^ * * 1xtz'&m<0 * v\*—*s 

Te=h(R|m)*ttW-r*. f tlbSA*<t Lts=r+a*e (m 

od p) ^n-s^^^-r^c^fCcfcoT^^H^m^s jsl 

[0014] (4) *Wxf»*lf:>-;t-i?m IC»"T* 

fr/^H«(s,R) *«B-r4fctol=l4* h(g~s((g~ 

(-a))^(h(R|m))) (mod q) |m)R|m) ) (DftU (©Lx^y I4x 
[0 0 15] T. EIGamal(wcfcoTS3g*tLfcS^: 

* n a & x. & *t t * ? * - v <d t << v z )u m « * n 

^"^-S^S ("A Public-Key Cryptosystem and a Signa 
tureScheme Based on Discrete Logarithms", IEEE Tra 



nsactions on I nf ormat i onTheory , IT— 31 . 4, 1985, p 
p. 469-472. American National Standard X9. 30-1 99x, 
Digital Signature Algorithm, Feb. 1992#&g) (4. 

[ooi 6] (i) *y-b— S/CO-r-f *J**um 

[0 0 17] (2) ^(D®Sa £»A/*£«ai4* g~(-a) m 
od q (fiL, q I4p *<q-1 (DBMRlZft* <fc 5 

GF(q)(cM-T^>7Ug (DteS&^P fcft*) *tt*U 

[ooi 8] (3) -t<D^erccfcor^xe>4xfc> 
vm (Dx-r i?*;u»«<D^fiE«kaiicj3t^r. Il-.p 

} <7)^^t>^>^A(rMlf^®ffi(D7cr £ffll*T» 
R=gr mod q Br£<Deifth £flll*T-£*.& 
tlfc^HO)^ y-fe— i>m SA*i:LrSb*ifcIe=h(in) 
tk^A^LT. s=(e+R*a)*r"1 mod p CDtt»*jlfT-r 

[0 0 19] (4) *^-^Xt>tt/r>^-tr — ism IZ^f^ 

fr^;H«(s,R) **B-r*fca&i::i4* (g^(-a))^R 

(g>rs fcg~m (mod q) CDfWSSSfT U **lt>tD*SS 

[0020] — itusflo^aic^wxtfBBESsea-r 
*it«afii/XTFAi=fc^-c. waflMt^ytt^aa 

i\ ^ic*jp-r*#«-*»a*inA#i:i^ 
5. ^fc^O)y;u-^ic#*n-r^*nA#a)a^n *e« 

"4") a>re1t?^tfci"^>y3^^Y. Desmedt.Y. Frankel(C«i: 
-z>X$kM£tlXl*%> ("Threshold Cryptosystems", Adva 
nces in Crypto logy — Crypto' 89, 435. Spr i nger-Ver I a 
g, 1990, pp. 307-315: "Shared Generation of Authen 
ticators and Signatures", Advances in Crypto logy — 
Crypto* 91, 576, Spr inger-Verlag, 1992. pp. 457-469 
#■) o 

[0021] co>*MR7<r i?9JU««»ao>S*tttt*l 

*«**«)lliA*IB-e«Mft«»*#t*^l4. ISlTOftfr 
(a), (b)2^»fc**L««k3l=#JDA#i A«W*««x 13 

[0 0 2 2] (a) ^ffitgSx SfflTC-r&fcttlCt+l A<D 
*5c-Tftfc*)fl!>*KttlllA*©*t+l *L*t^«fcl» 
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[0 0 2 3] (b) L#lM!5fe3S0>* (t KIT) (Dttftm 

[0 0 2 4] ttX0)S*n«:»tt5>tt#tttt. A. Shami 
r o T813i£il'*How to Sharea Secret", Communic 
ations of the ACM, Vol. 22, 11, 1979#H ) % ^<D<fc 

oizmmzntzo &^imxm<omm^mm\z 

t*o*aaf(x)*^>4fAizai;. n <i<dji 
<p*«=#-r**a>*a*a)«f o> (1=1. ■ ■ n) £<&*n 

A#l^e^o -0*PA#i lziB&*L«*aaa)fflf(i)A^ 
(t UTOtiHIHItttiHMIHIIiIti if O* 3 ft* 

[0 0 2 5] IftffiCDY. Desmedt. Y. Frankel |C<J; 

MJWMTOftfKl), (n)tasfc-r. 

[0 0 2 6] (I) m%*%9)\'—~?\Ztt1r%>5-7L btt^> 
7^-v(Df^v^m^t^f:i6l:t+1 AOfla 

[0 0 2 7] (II) L*lMH*9tO>K (t ^T) <7)*nA# 

[0 0 2 8] iU (i), (i D(D^t£(tT*liT r -< v$;u 
^^^S*<^tfe^*tyci:#. t+1 J2Lta>jnA#*«tt 
*LTt^FiEft*aA#^*o/-li^fcli. »**fl=*-c 

[0029] **uz»lt* ifa>«fcdftSSy *l*OADA 
tl^Lt^f^ Jim* ££/3tT* £ & <fc ? 3 

*<»&*iti**. if<Dcfc5ftlsy*l*oiniA#^tHx. 
b4x^«J^tfc^*t LT«*3*ifc*BWtefciB«# 
tfc (Verifiable Secret Sharing ) «h li. wl&Cbgzlfr 
(a), (b)|z*<&£#(c), (d) SW^C^I^oTS 

[0 0 3 0] (c) *JEts&#m&£*ELi,^ftmmttf 
;1£LTl*Tt. t+1 <i0)iELt>SP^1t«^fc*L«7cC0 

[003 1] (d) £T<&^A#*<*(D*&®<Z)®#1f$8£ 

[0 0 3 2] fTr&(7>£rtt(c) t (d) SSSfc-TfiiBqlfiSfc:** 

[0 0 3 3] (r)^FjEft^A#*<iELL^A#i:;1^L 
-Tifcttlct+I A<DjELt^A%Ota*^fctLli-|-^T* 



[0034] (ii) L£LMt*;Sa>» (t jsit) <7)iraA# 

[0035] ©ffioamte^oa^i/x^Aic^L 

ftK y ^}#oijnA#lw iffitx. &*t««SRTffi«:»S^ft 

(L#lMtt *<t <n/3£^fcTit-&) Sm^-T 

M. Ben-Or, S. Goldwasser, A. Wigdersonlc J: o X 
TfrtS ("Completeness Theorems for Non-Crypt 
ographic Fault-Tolerant Distributed Computation", 
ACM STOC 1988 #i^ 0 ) o 

[0 0 3 6] Miz K ^JoA%a)#»«fcy^35:t^»T?**t 
*fa><fc5*ssy *^oiraA%(c^M^t>tLi)fiigRr 

[0 0 3 7] (1) VttttttBfEHi/XxA (i±#. £ 
l»#fc1t«**i'JT-r" . BBJMIt* 1990^. # 
E§) T?JEl>£*l~Cl^£ x Cut and Choose' <br»¥l£;f'l£&f& 
£*JJEU mr^O>A.ShamirlCci:-&S^M^S^§fc^^ 
iCcfcoT^Ms £#1ifcL/r-t[C. 

s_i (i=i,..., n ) ^wiz^mr^^o o*y. m 

[0 0 3 8] {B Htr^CD'Cut and Choose* &fir£ffl 

o>» y «*(*»ffi-r *se±tto>/<^ > iz* y 
#*a«*-c/hs<-r*^A:*-e#*. lt. 

T. Rabin, M. Ben-Or d<fc 2? i£ ("Verifiable Secret 
Sharing and Multiparty Protocols with Honest Major 
ity", ACM STOC 1989 #I^*<fclf b*t&o 

[0039] (2) JMEB-Cttftftftft^nttttJt** 

^fct--^i^ttii»<Di£7c^ti-m-r^<DA<ffliir*fcs 

<S3e*-T*i&W^i:«« P. Feldman(C<fco 

Xlfk3i±£tltz ("A Practical Scheme for Non- Interact 
ive Verifiable SecretShar ing", IEEE FOCS, 1987 # 

[0040] *tz. -t^<D«tBpIffift»ffi#»*a*fiJ 

^-T^lHl^^a^T-^^CitA^ T. Rabin, M. Ben-Or 
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("Verifiable Secret Sharingand Multiparty Protoco 
Is with Honest Majority", ACM STOC, 1989 #H) . 
D. Beaver ("Secure Multiparty Protocols and Zero-K 
now I edge Proof SystemsTo I erat i ng a Faulty Mi nor it 
y", Journal of Crypto logy, 1991, 4, pp. 75-122; "E 
fficient Multiparty Protocols Using Circuit Random 
ization", Advances in Crypto logy-Cry pto' 91, 1992# 
M) lkZf M. Franklin, S. Haber (" Jo i ntEncrypt i on a 
nd Message-Efficient Secure Computation", Advances 

in Cryptology-Crypto'93, 1994 #81) IC^fc-oT^^F 

[0041] ^<D&5te&m^mtsiw&ft®Lj3jZ£mi^ 

[0 0 4 2] 

jE*fTofc»*i=»*<Da^T#ttt^fc36t#y» 

[0043] **ii=»lt, JL^rosi^Ritg'&igffi^tfe 
»a*i*««si*ia»*wfl!'r*ftft<r). (id ^3if= 

try h£#iirr&fcifrl::!&^>£E>I<t«l*. S±14<0^7 
* — 5»£k (Sttlil 0 0mg.G>®.t><m^t>ti&) t» 

[0 0 4 4] *fc s — *Rlttil»*fflLV iHISa>'>fc 

l*> llft^#»®#IMaS(Dgtft<£<fcy (fifljtli. 

[0045] &L±o&?iz s ±mo>&.&mmzjLi>tjm 

[0 0 4 6] *3SS8tt. l?ra©3*iS»'S:*SC(l) Atf* 
»Ktt«t*5t(2) <0+HI=tteu &gfctmfi±:iHI 
S<DB5**<§gfflWfc*-*-l::fc$«8^flE*fBffi#« 
*5££*JfflU ft* (I) . (^IE*fT5lDA%*<fe*ltf 

g*££j£T-#*i*ci:j!i<*ry#s;fr5£) atf*#(r) 



*IE£ftofcjDA#f*l£»JT-#.l>*5$) £^5rt&. 
[O O 4 7] 

asjuiKi:, &&mfrt>mo)±To>&m~*&mzmm 
owsmmz^^rMzmxf^ m^^-^m^m. 

Sg2CDt&ffi1f*8£*g5cU «rIE#ttSJM§»±:#l::** 
<k LX&UTZZt + 
[0 0 4 8] 

izmwrz. 

[oo4 9] ^mmmx-tt. s-jtaA#*<. te<D<i*<o*n 

^TOjDA#A^Cjt -vfe— :?£gltfcc:±:£S6|g 

X- # & «c si m mm & £ i ~ «t o r * •& «• tfc > * ^ a 
■rzsMmmnmsiL^k ^xmi^tiz-ysfatifw -> 

^SciUL. ^-T-SCut and Choose«&S^ft5^»tk 

ttzm^x. mzm7/i—7\z&ija-r&&iia\miz£ 
^x^^^Aizmn*itzmm<T>7bit<D<fj^-y0±x 

[0050] *-r, *njfi«T'*jffl-r^ftts&i;ffl^<o 

[005 1] 041*. irgP^ft^IJS t<0H«$* 

[0052] ^njseni^fcL^-c. ic*rrsap 

»ft5US i:l±. «£SE<D«lSa5iSRlte'S:®S»tk^iClr 

l-lfeW*^l+e,*tfc©®S8»©n xn ft*lJS= Cs(i.j)] 
(i. j=1. • ■ -.n) T?&5„ 

[O O 5 3] T'&t)^. S-ft^f (S_r(i)= Cs(i, 
1), ■■ ■.s(i.n)] ,i=1.- -.n) fe48ffis.r(i)|CJt 
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S^J** h;u (s_c(j)= Csd. j). •■■,s(n, j)] , j=i, 

■.n) fe&&®s_c(j)fc#^£;fe&SS#^ K>HZ 
tSL&o <IU Btr^O^SOK^ hJU Cs_r(1), ■ -.s.r 
(n)] RlS Cs_c(1) t ••■,s_c(n)] (D^l*. jt<D&® 

[00 5 4] &®#WL&m<D££iZ. Z<D£5\zmf£Z 

tLfcaMMTMaM** h;ui (i=i,--,n ) ;&imffis_ 
r(i)£. JtoA#i ©»«»5M1l«fcLT«nA#i K£ 

[0 0 5 5] *MM|-CI*. 7C<7)»fB1Sa$» 

A#i (i=1. • -,n ) IZ»j£-r*»«s_r(i)(DBBE^a> 
*3tttt«**fc-rflt*. -*«tt/\*5/aB* (B 

IK /MU : " ^ft^^ti" . pp. 224-225. K?1ff«» 
ff**. 1986. #B) t*ott*t«. 
[0 0 5 6] ^0>-*lRltt/\"»>i/a.H*lCO^T 

Bn-rt. 

[0 0 5 7] -^[pJtt/NVvaiadili, T-^ffiBffl 

*>*B*I*»«T?*S*<. U*iBfrbA>*B£Xto«X 
>1tli:i*ai&T**&§lRT*&6o fflU «QS«-ci* % (t 

HMtBRfctt^Si:* W*ftftR*ttfctt»*J»fc*< 

ft?**. 

[0 0 5 8] -*ffltt/\*S/iBR<&*{*«£LT\ R. 
Merkle \Zjz-o TDES (Data Encryption Standard) CD 

36S*lTl*<& ("One Way Hash Functions and DES", Adv 
ances in Crypto logy —Crypto' 89, Lecture Notes in 
Computer Science, Vol. 435, Spr i nger-Ver I ag, 1990 
#M) o 

[00 5 9] 061*. -*«Itt/W>iL|>ft<D*(*»a: 
[0 0 6 0] f^0|C*>l*T. (a) li. DES \Z&&?W 

(B8TM** DES £E T?SLtL^) T?*&o 

[o o 6 i ] (b) i*. ^cddes *as#ffia^ Lxmm 

L. A*0>S**<119 K1?tiJ*<Dfi*)b<1l2 e^h 
km&M&f <&ffl3g£^LTfcy. 62I*. BRB&E] 

[0 0 6 2] A»tZO©«»k,x (fc 

«U *<D— DO)»#k fi**55e^ h£ L. COS 
ttx 0)1$ *64fcf^ ht-r*) o ^fw. f(DSP^x £DE 



k £56fcf-;/ b>0>&± LTm*>tltzm*t* x £0>XOR £ 

»»Lfctt**. h»f o>ffl*«cfcM+*&«©64e^ h 

ir-T^o HBIC BC«#x ^A*iU »y<D«#k 

<t. x ihCOXOR SfHH,fc«S» (64e^/h) cfcy48f^ 
h£§IRF (D$£y<7>&# (*«<D48t??y h) ir-r^o - 

[0 0 6 3] (c) fi. J 5-X-*otltzM' v\*—i>&J<J3t L 

r. -^fRjtt/N^s/3.ii»o>/N^i/zLfli*ai*i:*r^«B 

[0 0 6 4] 5-7LZ>tltz* y-b— v<7>g*DO)119 

e^h*±3Sa>H*F <Z>A2l<>:LT. fi«JCD112 h 
a>ai;fi£#£o #1-. ^(7>tH*^W^A*c7>ii2 bf*> h 

e;*&aya>7 e-yh»si«L 
r«yigLii»F ica***. bbi=« £>?-fe-s?£ 

A* Lfc£#f= (*?/-fe— S?0)»Ba>7 tf^KSA*t 

[0065] matDcfedi^w-wsnfc/x^^iBRO)- 

^ct^fii^rsisr'&^ct) i*. /bi\£*i.*des cd 

v >4fAaS:*R^<py. ftJ3tf5-x.**htz 

^.^tt^Ct*<. R. Merkle ^^ijk^tlXl^^ (mT^CO 

[0 0 6 6] ^(z. HCBX-ett«r3S0)/w>iBRcfc 
y»*<DcfeL^-*fiItt/\^i/3.BRta36**tT^* 0 

ViHR^R.RivestlCj:oT^Sg$tfC^^ ("The MD4 
message digest algorithm", Advances in Crypto logy 
— Crypto' 90, Lecture Notes in Computer Science.Vo 
I. 537, Spr i nger-Ver lag, 1991. NIST Federal Inform 
at ion Processing Standard for Secure Hash, America 
n National Standard X9. 30-199x#Ef!) o 
[0 0 6 7] $Z\Z % ^USS^lcfclf^Cut and Chooseffi 

[0 0 6 8] ttSattB&*BWBtt»B5m£3-t?fT 
t^tl^Cut and ChooseCO J: 5 1^. &&ft&L&W<D t #± 

«*nfcWBO)»*MIIBi:«:*^^52^t*B-r*/i:A 

^i^HftfCk BO)^>yAI^Btf*tfc»ttll B Ik 

«fcot7>^AlC^b*lfck/2 CD^S 
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(k/2) ) i=H*«±T<D»«««*tt»u 

(DIBS (lj(D. I j (k/2) ) icfcfLTUCD+s. Ij 
(k/2)+s lcBr*±T0>»M*B*StfSU ±X0)1&xk 

[oo6 9] KUiiCcfco-c. tt*a>«igRr^?S:©^Sfc 
*aa>ftfKc). (d) of^yi^ *a>ftft(c'). (<r) £ 

[0070] (c a )7jEftff5HR«l^jEL^a«M««£:iB 
ttLfc&#* t+1 m<DiEU,^#ffimtf$>'DTi,7t<DW 

A#<OM»JI*BTte-e**o 

[oo7i] (d-)*ra)iinA#^*a)WSa>»»««* 
■T4fc«>a>jELt^«a-e«:it*ttf. «7c«kS0)i:*lc^ 
[0 0 7 2] ^*ue><Bftttl*. tt***0)J:3Iw^jEa 

uoA#3b<ft-3Tt»**«7c. -rft*>%isyirjEi*fT* 

(z-r^*0)T*fe^>o *tt(c),(d) ^*tltf^jEft*OA# 

*i^rtjEL<»«ai«3^*fT-e#* (jEatticwr* 

(d*) lcMLtt^FiE4JlDAtlittBt#*OT?»& 
<PiftfT^W*fT-r*Cfc|ZckorjEL^Hl**»*C 

[0 0 7 3] cfcoT. *SHft«Tfl*. #ffe£*lfc®«£ 
ttl*z£*,fcy ^jE£frofcJnA#a>»»]l*FJ 

[0 0 7 4] fit, ^0)8fB»il*aS«fflLt, ¥ 
»*a>7c**fl>y^-^(c»iin-r4±inA#iB-e»* 

L. #***tfcW**A*i:LT#«aiKa)*ff^6» 
[0 0 7 5] ttot, *SH6«T?I*. ^IE£*To*iAr]A 

#<&»si]A<wte-e&y. ttM^iMomtfiUH 
[oo7 6] hi i*. *&w<Dimmmx+&*>. kwll 

[0 0 7 7] BBKSl^T* 1 1 li. *>X-rA<D#ftlA 

iuy^cict^o i2ii, £T<&*nA#icif$g£^§§ 
-r*c^^-e***afflaflr*-e*y. i 31*. ma 



[0078] H2I*. IffflfflSSBi ito-Jnvtmtii 
1 2*fcl*«MMMM 3lz«fcy«CDBB£a«*fT*: 

•ooj:5«:a««B*«-efcy. 

[00 7 9] kit. ±aLfc*««diic«*:y. ^Sfc^-f 
[0080] [SllSfiyi] ca>st««-ei*TOaa> c.p. 

Schnorr l-cfc -3 XHkMcStltzTJ ;US*7jj£*m^ 

[008 1] {l,-",p-1 } COP*3(C*4^<Dtc 

[0 0 8 2] fc^TL&ihfciMBs |Z#-r**WMT*IJa> 

JH*»ttKMSfT5 (B4#B) o } a>« 

lcfc£S&£(D7CS |C*M-*«MMt»IS= Cs(i.j)] . i,j= 
1. ■••.n£l*. #fT^^ h;U (S_r(i)= Cs(i,1), ■■■,s 
(i.n)] . 1=1. ■■• i n) aKBtfs_r(l)e£ftB&-r«t 
&<D£3l3tfi(Dn 1B0)Kd«ffiM l in icafTiflif i 
(M), • • \ f i (in) #W<* h;U (S_c(j)= Cs 

(1. J). ■■■.s(n, j)] ,j=1,--.n) (0S*^c(j)*S» 
*£-T4t *(D£Jl5tgj0>n fi(DS^4fitj1. jn|C 
»-r*«gj(j1).--.gj(jn) l=*y. $t>lzM^<Dfila) 
hJU Cs_r(D. • • ,s_r(n)3 [s_c (1) , • ■ ■ , s_c 

3*f &tfg <B«f (M. in)&l/g(j1, "\ jrO&fcoT 

[oo8 3] »ffi<&7cs ^ic#in-r*± 
aPA*M^W*lw»fBc«»*4t**aicW«»#*#E 
**»B#tMM£. *05)J:5l=»«**ifcW«*fcf* 

(^lEtf&ofcJg^i::) ^jE*Lfc»A**W&3bMcr 

[0 0 8 4] ISTFC:. h (JMtttUr**© 

— *k li&4^ak'|c^LTk=nk' *a/fT 0 C(7)ii 

Wffi»»fflS<0«BA«S4«*l*. Cut and Choose 
S&SlZcfcoT (mTlB T. Rabin, M. Ben-Or "Verifiable 

Secret Sharing and Multiparty Protocols with Hone 
st Majority"#E3 ) 2~(-k' (t+1))|Z^§o 

[0 0 8 5] (1) »ffi»ffitA9 (0 5#H) :|Bffi<D7U 
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(^>Kl) JraA#d it <B5-Cttffi3!Ri.d£«-r) 

a*«±*stffl^t, 5t(D©Ss at; ii.---.p-i } 

CD^^fc^^^^ixlZ^f^yc^SCDTull, Ik |C*J 
**ffl#frM*£lSU »««s_r(1), •••,s_r(n), M_r 
(1), ■ ■ I1_r(n), • • •, lk_r(l), ■ • •, lk_r(n) 

[0 0 8 6] finA#d f4=&JraA#i (i=1. ".n . {! L 

frMO)**!** h;US_c(i).L1_c(i), •■■,Lk_c(i)&i;© 
ffis_r(i), I1_r(i), lk_r(i) (@ 5 T*l41f $8B1. i ) £ 

[008 7] (^>K2) #»lA#i (i=1."-,n) 
14 (H5-ei4«B3lR2. i) a«t*^»*ffll^T. k'<I<7> 

1 Bi_k* . n AO±T<bm*m\^Zi?&£ev M4B 

1, • ■ \Bk ^Pf-Ko 

[0088] (^^>K3) jpA#d (i (05-ei*sas 

R3.d) 7>>>K2t?ttai$tLfcS-e^ hBj (j=1,. -,k 
£#Lfc»#ffWLj*lKSU Bj*<0 T*fc*ltf^>K 

»SLfc1f«i4* @5md^^*, 

[0 0 8 9] (^4>K4) #*JDA#i Ci=1. •■-.n ) 
(4 <H5TM*flk3R4. i) ^^>Kl -C»ffirzgmLfc1S 
«B1. iOft^lz. *ffij (j=1,---.k ) lc»LTW<* 

h>ULj_c(i) *tflj_r(i> (^^>K2-etts**ifce 

*y hBj^1 0>J^) fc£lM4U_c(i)+S_c(i) Stflj.r 
(i)+s_r(i) (Bj*<0 <Z>Jf^) K3-CMS*Jfcfc 

ttlA#d aflfijCv-b-i? (H5T*I4««B4. i) 

[0 0 9 0] (9*>K5) jtiaA#d 14. 7'»K4T? 
ttaLfc«PA#j l:BLt7')>Klt^Afd *<W 

«rra«Lfci»«Bi.j (®5r*i45ftSB5.d) Hkatr* 

(@5T-l4to3gR5.d) e 

[009 1 ] (MS) &&)A#i (i=1. — .n ) 14. 
^•5>K5-ett26**tfc«*A«iEL<ait*itf. fc&l* 

(4. v^>K4^aa*nfc*Js>^-b--i?a><ia*<H 

(@5-ei45©3lPi) 0 ^^>Kl -5T-#iinA#i 
«Lfc±TG>flHB*s_i <h§< (as#I) o 

[0092] (2) &®m7t&m (@8#H) 
ffl«(w<fc£#taA#*<#oTl*£««s_i itO 



(^>Kl ) #*PA#i (i=1. -'.n ) 14 (B8-CI4 

s_r(i) (■s-cafltttBi. i) ^tt^-r^o 

[0093] (^^>K2) #toA%i (1=1. -'.n) 
(4 (ia8TM4ffl3lR2. i) ^> Kl T-»S£2ftf-ffi<Dfc 
t+1 <i(Dfls_c(i, 1), ■ ■ s_c(i, t+1) X^s_r(i,1)," 

•,s_r(i.t+D zmzs. »aA«MA9a>isjii8(c)&tf8 
(r)**». s*3&««L<«:ysiyo!)tta6**tfc«[** 

0fts (c) =s (r) IC^JS-T %>m C &mj£0)IE L iMBI-fc & 
(4s(c)=s(r) Lt^*IKL«7cffi3l3b«»*3* 0 

#aa'ic»*6 l a i><s*<fti£ £ *tfc»d Sottas. 

l41ff«B2. i) o 
[0094] (^^>K3) #^PA#i (i=1,-".n) 

(4 (H8-ci**aaiR3. i) ^^^^2x*^m^titzm^ 

h;US_c(j) (j=1. --.n ) *&»#fT*US'S*fcJ3tU 1. 
■••,n i=>M£:&t+1 fiO>fit£#i;^Ta>*£t1 f ■•■ i tm 
(^«-em=n!/((t+l)!(n-t-D!) fi<D^£A<fc£) 
■r^^iJ^^ h;KZ>*^T1, •«-,Tm ^tl^tlOfr 
t W l^^-T ^> ^^^fflrafflSO)e*s- _r (1 )..... s- _r 
(n) &^s'_c(l), •••,s'_c(n) ^^tf). lEf^ t>Offl 
<D*^^ffiP B 1^3KDeas' (r) &tfs' ( c ) 

ilOls'.cd), ■ • \s'_c(n) IkXfs' _r(D s'_r(n)(Z 

[0095] ^(D&^i^mmztitzt^ mom*? 

S_1.---.S_T (*rf£U T<:t+1 ) iPf^ 0 lELl^^fT 
m<-®Lfrt£t1-tl& (T=1) . ^CD^J(z^-ri>®ffis 

^IE^Lfc^A#*S^-o iELt>SP^^«J^-OJ^_t 
/)<fctL(4. «-*PA#i(i=1. '•'.n ) l4^#oTl^^^:ra> 
»»1S«s_i ^tt^f^ (S8TM4if*B3. i) o 
[0 0 9 6] '(Ml) &JtaA%i (1=1. "-.n ) 14 

(j=1. --.n) ^ffll^r. 7^>K4r*ffgLLyciELt^ 
a»tT^JS_1 t - -.S.! (fct£L. T<:t+1 ) IZ^LT. 15 

5il£l->tf LTiE Ll x (fi^— DL^j&yitfttO SP^fr 
^J(c^-r-5»ffisM47cCD^s ir^Lt^^^JBT-r^o 

[0 0 9 7] )U±l^ct:y. ^€#y;u-^<7)fc-i>^A# 
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»««*-r*«aa^*«^s*. #i^ ccDsa^ft*;* 

[0 0 9 8] (3) MSAM (i9#I) 

Kl -5) #JlOA#i 7b< { 1 , ■ • • , p-1 } <DF*JlC 

**w*o>7ca(i)*^>yAizai;. ±aa>«W5MKA 

IM"*. #*DA#i AV(a(i)) mod q (fc« 

[0 0 9 9] (^0>K6) -taS<DWflB»»ASa>»ffl ! 
3S*IMtU jEL<^tfc^tbfci»?B<7>7ca(i) (i=1,—, 

ffi**»«S1«Ra £-f£ 0 2 t>lz, jEL<»***tfcW 
ffi<D7ua(i)lz^-r-SU<OfliSa>^H 7 >Kl ~5t^^ 

*tfc« A(i)=g~(a(0) mod Qtommtnn^ »&*ifc 

®HA=g~a mod q * *<OSOU— ^IZcfc*»« SMBT « 

[0 1 OO] T^>K6t»ffll^fc»tkiP»l--3l^TBI1 
O LTRBTT*. 

[o i o 1 ] «rifi(D»ffi»tfc«Baiiw<kor. d. ■--.p- 
atfyj . im^mm^ d. ■ ■ . p-i ) <&rt 

X_c ( i ) & Y_c ( i ) O =6&&ffix_r ( i ) & tfy_r ( i ) 0) 
0)jtafl:«amx_c(i)+Y_c(i) tfx_r(i)+y_r(i) )b<x+y |Z*J 

[0102] tttt{Kroaai::J5l*Tffi^tt«fitB?« 

f*. S**B«U Jta^eSx+y «tt7cffl94>£#!&S 
■Cfc+tli. ifi**JHl*4C£l=J:-3T»»x+y (3^^ 

*fctf>l^ #anA*^»-3Tt^4«#fT^Ja>#K*ia 

[0 10 3] cfcoT. ±^(DfilS^«*:oT^tfc*tlfc- 
O<D©ffiC07Cx ty Rlfi'£ffl0)7tatb (D|8J^^a*x+b 
*y l**oy^-^lc»Jp-r*lllA#IIB-e»B-frrfc» 
fcLTit*"C#*. d<Dfi^e^«l3®*Bl 10>ck5lC 



»**#jtaA#«<BAffi**jFLTl*4 0 #ttlA#i (i 
=1.---.n ) OA Jilt* &1&£titz&®<D7tx ty lc*f 
lT<i>SJ#1f*gx_i £y_i atf^HOOTO <hb lefty. U 

[oi 0 4] isi±a>fflasic«fcor#&*ifc»e«*«ffl 

[0 10 5] (4) (01 2#ffi) 

(^>Kl -5) «-JtoA%i Ii.---.p-i } Ortle 

m&mm Lr»*#y;u— ^i=#in-r *±»A*M-e# 

tfc-r^o Sfcl^ «BA#i AV(r(i» mod q itztz 

&i£mm&zmm Lt»at*. 
[oi 0 6] (7^>K6) ^2<Df*&#*fc«»l<D&A 

SSSfrU jEL<5Mft**LfcWea>7cr(i) (i=1, •-. 
n ) *A*tLrjfe»0)»«ln»lcj:-3r#iMe*r £ 
5*#>& 0 iEL<^St^tlfc^?&<D5Lr(i)|z^-r 
«9">>Kl ~5T*ifeHI2*lfcfii R(i)=g~(r(i)) mod q 
a>^ffR=gV mod q £ft^t"£o 
[OI 0 7] (^>K7) #Mtl^^b*lf:>^ 

m ^A^i: LTltl^Om^Oliah CDtH*e=h (R|m) * ft 

WL»m^i^m & m m l t , s=r+h (r i m ) *a ^ »tk l r «• 

[0 10 8] (7^>K8-1 O) iaO)W*#tk** 
T. 4«**ifel«*WL, iEL< ftt>t^5FiE^L 

gsmTc^s^nfT-r -5 c <b: iz j: -^t^je l/=*da#*k 

[0 10 9] CH*6^12] C<DHJ6CyT*liB5^a>A. Fia 
leOl>T^-<-So *"J*. {I.'". N-1 } 0)rtlzfc£i&fc& 

[oiio] t^ibtifcSfis i3»-r4»»ffwa> 
m(*WftSi^*fT5 (■4#H) o {1. --.N-1 } 0>rt 

ic&^^otcs ic»-r*aj#ffMs= Cs(i, j>3 , i. j= 

1. • • ■.niitt. *^T^^ h;U (S„r(i)= [s(i.D. - -.s 
(i.n)] . i=1. • -.n) 0)S*36<*a)«fc5lcga**tSt, 

[0111] s(i, j)=s_r(i)*q_r(i,l)"(j)*q_r(i,2)^(j 
"2)* - *q_r(i i t)"(j*t) mod N (j=1.---.n) 
tzt£L. q_r(i,1), ••• t q_r(i.t) it (1.---.M-1 ] CD^ 



(10) 
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m**? h;U (S_c(j)= Cs(1, j). •••.s(n, j)] , j=1, • 

n) (Dwmitx.to&oiz&mzti&o 

[0 112] s(j, i)=s_c(j)*q_c(j, 1) ^ (i)*q_c (j, 2)~(i 
~2)*--*q_c(j,tr(rt) mod N (i=1,---,n) 
tztzL. q_c(j. 1). • ■ -,q_c(j.t) I* (1.---.M-1 } 0)& 

Zlzffi&omO'lV h;U Cs_r(1), ••■,s_r(n)] 
[s_c(D, ■•■,s_c(n)3 (D^yjit. {1.---.IM } 0)1*3 
l^fc&q_r(l), • ■ \q_r(t) . q_c(D . • • \ q_c(t) |Z#L 

[0 113] s_r(j)=s*q_r(l)^(j)*q_r(2)' k (j''2)*' • -*q 
_r(t)~(j~t) mod N (j=1,- -,n) 

s_c(i)=s*q_c(D^(i)*q_c(2) A (i A 2)*« • -*q_c (t) " (i ~t) 
mod N (i=1 f • - - , n) 

[0114] &®<D7ts &m%m<?)i''-yiz&imTz>± 

-rsm&witomk* *<D& : ?\zftWL£titz®®*tzi* 
(^AEtfti-otzm^iz) ^iez LtzmAmzmfriz^z 

(2) (D&vizfrfrtl&o tztzL. Wffi!67U«lS(2) iz& 

(S_r(i)= (s(i,1), ■••■s(i,n)) , i=1, ■■■,n) Oftlcfc 
&t+1 fi<0CX (s(i, jO). ••• > s(i, jt) ) ^£ffis_r(i) 

[0 115] s_r(i)^(nl)=Prod_k(s(i, jk)*(Prod_l (l*n 
!/(|-k)))) mod N 

fc«U Prod_k(f(k))l*k=jO f jt |z»r*fflf(k)(D 
flStU Prod_l(g(l))(*l=jO, •«•. jt (I *k ) lz 

»-r*»g(i)«>»»*«-r. 

[0 116] Bi:j:ai=. **y<* h;u (S_c(i)= Cs 
(1, j). '",s(n, j)] ,j=1.--,n) Oftlcfc&t+I IICDH 
* (s(iO, j). ---.sCit. j) ) *^{fis_c(j) 

[0 117] s_c(j)"(n!)=Prod_k(s(ik t j)"(Prod_l (l*n 
!/(l-k)))) mod N 

ZtHotb&to** h;U [a_r<ir(n!) f ■ ■ s_r(n) ~ (n 
!)] (fctlM* Cs_c(1)*(n!). •■■,s_c(n)*(n!)] ) 
(Drtlzfc&t+I 1l0)£fK (s_r(iO)*(n!), -,s_r(it)^ 
(n!) , (s_c(jO)^(n!), • • • , s_c (jt) " (n!) ) 

fr&Wffis ^^to€>fetolw^Ott^fTt?tl^ (s_r(i) 
*<n!> <7>*§^) o 
[0 118] s^(n!*n!)=Prod_k(s_r(k)"(n!*Prod_l (l*n 
!/(|-k)))) mod N 
s=(s~(n!*n!))~u*(s~irv mod N 

tztzL. A. Fiat, A. Shamir Icj: is* Ji^m^^iZ 

I*. u*n!*n!+v*l=1 frft* «fc 5 fcu, v 

I mod N I*. SIC (6) |CfcL^TK5B-r«4l«ffl3SIzteL\ 



[0119] &l±iz*»* m^m<f^—yo»>^im7<m 
^<o»S«« m®m\zftm?z>. tzt£L*a>V)i>-z? 

[0120] (5) «£/S«k3I (Si 3#H) 

(7^> Kl ~5) #*DA#i *< {1, ■•-,H } (DftlZ 

*t>fz. <&AaA#i tfaOTl mod N (t:t:U 

[0121] (^0> K6) ±j$<D©ffi#fifc«l3!(D&«a 
ISHftL, jEL<»»**tfc»*flt)7ca(i) (1=1. 

fcil*£«#1fi«a i:-r^o S6I=. jEL<»***tf=» 
aa>5ca(i)lzM-r«tttdE)AaBa)7^>Kl ~5-CS3£* 
tlfcfit A(i)=a(i)~l mod N<Di£It$-1H-ll L* #t>*tfc^ 
SA=a~l mod N ftOV )\,— Z?[Z Jz htz 

#><D'£Mmm v&mm) kr& 0 
[0122] ^^^FeT'm^tzftnmmzn^xmi 

[0123] «raa>»e»*ffi3iizj:or. n. ■••.n- 

1 } CD^lcfc^-0<D^ffi<7>7cx ky tf#nHtltz±£ 
(«-AQA#i *<®ffi<D7CX <ty lz»Jt-r«»a&«»x_i 

x^y_i »o> . a«*fft>n=. ii.---.n-i j <*>fc 

[0 12 4] #»lA#A<»o-C^*ffl»fT5«(DW<^ h 
;UX_c ( i ) S. Y_c ( i ) ^0»ffifilx_r tfy_r ( i ) (OCX 
*0)*»tt»X_c(i)*Y_c('i) ^x_r(i)*y_r(i) *<x*y |z 

Mr***!?*!©*!** h;u&tfW««fc«:*c^i*. 

□L|ia<Dffix*&i;y*li. W**E«L. il!BSx*y * 

T«Jffix*y fc»JC-r*«#frWX*Y $?tB-r^o 
[0 12 5] mC&Olz. ^»**Lfc— 3<D»ffi<D5cx 

x ky &Xf'£ffl0)7ta b (Ofe^a*y^b \Z*0)9)\,~- J 
[0 12 6] JSL±OAllcJ:otft6tlfe»mtfllffl 



♦ 
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<fJU- Z?\z J: o T &CD <fc 5 L T £j£ £ tt £ 0 

[0 12 7] (6) ^S^SB&S (01 6#RS) 
(=>0>K1~5) «-*0A#i {1.---.N-1 } (DftlZ 

&£S£(D^r(i)£^>*Alz3il^ ±&<D&®KWL& 

mzmm Lxm^</^-zfiz^mr^m?<mmx^ 

fc-t&o £k>\Z % #AnA%i AVOn mod N (fcf£U 

[o i 2 8] (v^> K6) ±&0)»&&9k9nmo>&m 

3M£H*tU iEL<^ife**lfc®S(7)7tr(i) (i=1.---. 

*SbZ>o £*lz % IEL<^tfe$tlfc^<7)7cr(i)(C^-r 
Kl ~5T*l&2l£;h,*:<ii R(i)=r(i)^l mod NO 
^#R=r~l mod N ZnU+Zo 
[0 12 9] K7) «-*PA%li-^x.t>ti^y y 

•fe-i^m *h^^^K6r*ti-S:^^fcfilR £5tJg!Lf=fi&R| 
m ZAJlt LTm&<Dm&OM»h CDtil*e=h (R |m) £ft 

£ mm L T . s=r*a~ (h (R | m) ) £#?tfc L T ft SI 

[0 13 0] (7^>K8-1 0) ±&0>m&i*1frj5l£. 

b*L^> ^-fc— v<D^£(£(R,s) £-f£ 0 4>l§f^a & 

T. £j£S*l*:W€£flii§U IE L < cf ^lES" L 

fc^A#*<#^£<t¥iJ»TU HU^OW^Sfe^O© 

[0 1 3 1] CHS£^J3] ^<DmmmXl*fft&<DT. EIG 
amal (American National Standard, Digital Signatur 
e Algorithm ) lz£ ^xmm^tltz T -f *>9 n^S^xC 

[0132] ^«#^;u-:?ofc&*DA«ri<#oTi^ 

t£L^coy;u--^iz#jn-r^^AnA#FBlT?^tfc*tirt> 
&) . a^^^sit^^^-r^^nits (^msiz 

&tz#><D'j±mmm) ^mt^miz^x^iz^ 

[0133] (7) m&fa&m (®9#rs) 

(^0>K1 -5) &tt]A#i t< {l. •■•,p-1 } <DI*J|C 

m&mm Lxm^m^^-yiz^m-r^rnxmrnx^ 

tfc-T^o *flDA%i *V(a(i)) mod q (fctt 



[0134] O0> K6) Jl&(&*&&*H&fll310>f&*& 
S^SfiU IEL<#ix^;h,fc&®<7>7La<i) (i=1.---. 
n ) £AJ3± LXUT<D#WLmmz£'Z>xmh>*ltz&®L 
fcb;fc£*&&1f$ga <t-r^ 0 £t>l^ IEL<ftWL2tltz& 
SC07ca(i)IZ^-r^CO)^SCD^^> Kl ~5T?Sfc&£ 
ttfcfit A(i)=g~(a(i)) mod qO^S^ft^U m^tltz 
eiA=g A a mod q ^fCfc £5t^-f £ 

[0 13 5] TOaflO»*#1K««z«fcoT. [1. •■'.P- 
1 } a)W(Cfc^-0(7)^S(D7Cx <ty #ftfc£:txfc<t£ 
(=&*QA#i *<*Bg0>7Cx ty f::ttJ6-t&*BffiS&#x_i 

&t;y_i »o) % mmzift>-r\z % n.-.p-i j ok 

Clfc^ftx+y (Z»J6"r*W*ffl»(x+y)_i *HSS«1(C 

[o 1 3 e] wrjfio>we»ikffi»c € feor. {i f •■ •,p- 

(#JtaA#i *<^<0tux <b:y *»*«»x_i 
&l/y_i »o) % ffilH*fTt?-r(^ [1. ■■■ 1 p-1 } (Drt 
^fc£«x*y (C»K-r*WB«»(x*y)_i ^^(D<fca^ 

[O 1 3 7] fc^*IlA#d {1. ".p-l } CD 

[0138] (s) ttBwtttt«B»ik&tf**aa (■ 

1 7. 1 8#^) 

JaTlcfelNT. Hlft«l ^f^Ccfcdlc. h 

^»k'|c^Ltk=nk- ^jUfc-To 

[0 1 3 9] (7^>Kl) ^0A#d l*a.ft«£#A£ 
ffil^r (Si 7T»l*«k3SR1.dta-r) . »^(D7ts 

[1. ",p-1 } <Dftlz&&^ ^?£>lzm£tltzm®(D7l 
11. •••.Ik r=S*-r*»»frM***L. ©eBfis_r(1). ■ 
• -.s_r(n). I1_r(l), • ■ ■, I1_r(n), • ■ •. lk_r(D. • • \ lk_r 

(n) rc»-r*/ws/iH*a>«8**H-»-r* mim 

Hi) o JtaA#d tt«-^A#i (i=1. --.n . fc/s£L&» 

<D#^J^<^ h;US_c(i).L1_c(i). ■••.Lk_c(i)&t/^Ss_ 
r(i). I1_r(i), lk_r(i)SWeafitt*fflL^ra« 
L. ±ttlA#BH=/\^i/ifits**( Bl 7-CBI.d) . ft 

[01 40] (^^> K2) *J!inA#i (1=1, •••.n) 

(@i 7r*ii«k^R2. 0 (i. =>o> Ki -egit3xofc$& 

«s_r(i), M_r(i), lk_r(i)&tfi5llir»ilC**Lfcx |C 
WtWx„r(i)*A*i:Lt, t_r ( i ) =s_r ( i ) *x_r 
(i), m1_r(i) = M_r(i)*x_r(i). • • •, mk_r (i)*x_r (i) mo 

d Ha>nmm\ aJM6£^«£m>T. &t>titz& 

*(=»-T*»»ffM (T(i).Ml(i). • ■•.Mk(i) 4lftf % 
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X(i)tff«) »«Mtt<i)_r(l) f ■■•.t(i)_r 

(n),m1 (i)_r(l), ■ • • . ml (i)_r (n) , • • ■ . mk (i)_r (1) , " • . ra 
k(i)_r(n) |c»-r*/\^e/iH3R<D«s**«-W-r* (H 
7*B) o #*DA%i 1***11 A#j (J=1.--- t n . fc« 
LS»liR<) lc»asafiB*3WfflLT. t*Lfc#» 
#fr*U 0>«-*>J * £ h ;UT ( i ) _c ( j ) , M 1 ( i ) _c ( j) , ■ ■ ■ , Mk ( i ) 
_c(j) &tm«t(i)_r(j) f m1(i)_r(j). ■ ■ mk(i)_r(j) 

[0141] (^i/ K3) #ttA#j (j=1."\n) 
(El 7r*l*ftl3lR3. i) I*. a»«4fS*fflt^t, k' 

=p^^M^miMz\Cma>\£v K*Bj_1,.. f Bj_k' . n 
AO>:£T<Z>taA%lz*t-r&£tf y h*B1. ••■.Bk £P¥ 
£• AnA#i Jb<»2£Ltc1t«l*. 01 7T-B3. iirSSftl 

-So 

[0 14 2] K4) *DA#d (Hi 

R4.d) I*. 7*>K3-ett£3*Lfc«-lf? hBj (j=1." 
•,k ) lc»Lt, Bj*<l TffctU*^:/ Kl T*AaA#d 
35^dELfctt»frMLj*ttaL. Bj*<0 T*&*U£^> 

Ki*±a)*amHgS (s+ui:S<) *«a-T*( H7t 

B4.d) o 

[0143] (^->>K5) #»lA#i 0=1. ■■\n) 
(01 7T?I*«QSR5. i) I*. 7^>K1 t*»ffilcSflL 

fcHMBi. ia>*a>j (j=i, • k ) i=»r*#w<* h 

;ULj_c(i) atXl j_r(i) (^^> K2T?ttSS*lfctf* 
hBjrt<1 (Difl «•) fe£lM* Lj_c(i)+S_c(i) &tflj_r 
(i)+s_r(i) (Bj)!><0 <0m^) K4T'j&££*t*: 

#8fi. 01 7. 1 8T*B5.iti$^o 

[0144] (^0> K6) #flDA#i (11 8t*M 
SR6. i) I*. v^>K3T-J&iH^ttfc#e^ hBj (j=1, 

••■.k ) [z^lt. bj*<i -e&^i^7^>K2r*AnA# 

i jb<£j$L*=SP*MT*U Mj(i)*»2IU Bjrf><0 "CfetUi 
=>^> Kl T**DA#d *<£lSLfc«#fTM T(i) <hMj 
(i) 0)^mSC7>^IS(*-h (mod p ) 0>ft]»B& (T(i)+tt 

j(i)^«o stka-r*. *nA#d i*. 9*>k 

5T**J^LfcJtoA#(D9J^^ h;u£tti£-f &o *DA#i 
A«ttSLfc1«RI** 01 8T-B6. ItmZtiZo 
[0 14 5] (=>*7l/ K7) #j icttLT (j=1. ■■•.k 
) , «-*DA#i (01 8T?[**&SR7. i) I*. 7^>K 

< 0>*T*IJ*<IE L < . fro. K3-C»aiS*Lrt:#fcf 
hBj (j=1, • -,k ) |C»LT\ Bj*<1 •CfetLl^OSP 



[0 14 6] (lj_r(i)r(-l)*Mj(i)-X(i) 

*fc. Bj*<o -cfcfctt*att»fTM**atr«. 

[0 1 4 7] 

(s_r(i) + lj_r(i))"(H)*(T(i)+Mj(i))-X(i) 

1=) fr^tt^o JraA#i35<ftjSLfc«**. 01 8T*B7. 

[01 48] (=>^>K8) &j,o IZ^LT (j.o=1, - 
■.k ) . #jDA#i 0=1, —.n) (018T?(*^31R 
8.0 I*. ^^>K4-Ctta6*ttfc««S«fflLT. Bo 
frl -efttLtflj_r(o) tfllTcUfelftlcAOM^^ hVU* 

[0 14 9] 

(lj_r(o))*(-l)*Mj(o)_r(i)-X(o)„r(i) 

Bort<0 r-fcttl* (s_r(o) + l j_r(o)) *m5cLfc^lz^<7>?iJ 

^ h;uSft*U *iJ"<^ h;i/|6*frIEL 

[Ol 50] (s_r(o) + lj_r(o)) A H)*(T(o)_r(i)+Mj(o) 
_r(i))-X(o)_r(i) 

fe£{Io lC#LT«B-e*ttlttttfJBA*o flDttffi** 

-t— iraA#i ^»SLfcif*(*. 01 s 

[015 1] (7"»K9) #JPAfo (018T?li» 
SR9.o) (i. ^*7> K8-ee#IZ»LT*lJS^ v*> — *J 

3b«tt5»3F*ifcJt^l=. ^eo^iJ^^ h;u*»36-r*o *nA 
#i3b<ftSLfc1S«l*. 01 8T-B9. i<t^^n^)o 
[0152] (^"»K1 0) #*PA#i (01 8tli 

fflSRio. i ) i*. *ro>ftai**tfci«a*«BL. ^ie 

JnA#i A<tt3&Lfc1«RI*. 01 8T*B10. i 

[0 15 3] ±JtaA#(CcfcoT (#»A#i 

a>ffiSa&<Bi 8T-li*&3lPi'T?^£;ft£) iEL<7>Sfc^tt 
fc«»frMS(i)*x(i) 0>5M»B»IS**fT3c:fclc«fco 
TjEL^§U5>^JS*X £#ftfcLTtm-f *o ^iEICcfco 

[0 1 5 4] KJL±<Z>«ftS*fT5 C^ICcfcoT. &&JJQA 

» i *^>^A(cs>uff { n • • . p-i <»\*iiz&&&®o 

jus li. WBW*«:»-e»«*<fT*3*i«:A«&. [^«fIc^ 

[0 15 5] Kl -1 O) *^A# i tf^ls? 

Mz li.---.p-l ) a>rtlcfc4Wfta>5cr(i)*B«U 

[0 15 6] (^0>Ki i) jEL<BBWtt«:»tt^ 
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mtfiTl*4^T0>iiDA#jl(i=i. ■■•.m) lc2*-r&IB® 
OJdDlLr = r(j1)+r(j2) + " ■+r(jm) £ r*y = r(j1)*y+r 
(j2)*y+- • •+r(jm)*yA<|9aa>»fikttl»IC«fcoTH-S**t 

[Ol 5 7] (^0>K1 2) ««0>ft])(u=x-r *><#tfe 

[Ol 58] C^O> Kl 3-1 5) ^T(7)jlinA#lwJ: 

[01 59] (7^>K16) »ffia>|8»fS$z=r*y-u* 
y=x*y tftttfeftlJStl^o 

[0 1 6 O] Ji^O«ftSICj;oT^Sfc^*Lfr~OC0«JS 
0)7tx ty <D«x*y li^CDy^U-^lC^T^JraA^ 

[0161] (8) ^*£j$fflk31 (02O#1) 
(^■»Kl -5) #»JA#i rt< {1, ■ -,p-1 } (Dftlz 

Sfc-T^o £ 6 l-s #*aA#i *V(r(i)) mod q (tztd 

[Ol 6 2] (7^>K6) ±&(DWffi#»«kJ!a>&*& 
3*»rU jEL<#«**VfcW«OTcr(i) (i=1.- 
n ) £A2J<>: Lr$fe^(D^ifcJnS:i3cfcoT^tfc^Sr * 

§7^>K1 -ST-fcizt^JWrft R(i)=g~(r(i)) mod q 
a)^^R=g> mod q &%tW-~?Z>o 

[0 16 3] (^^> K7) a-*DA#i*^^.e>*ifc> 

t-ym £A2>£ LTffi20)3fSfl!>H*h <Dtt*e=h(m) 

0»fMB^IS^«l31$«fflLT. b=(e+R*a) ^tLt 
MM"*. 

[0 16 4] (7^>K8-17) VC*?*— 

inr4*ttA#nB-e±afl>»il[**ffi3i*3pjfflLT. s= 

b*r"(-1)t»lkLTtHM-«. fc«U r A (-1)<7)^tfeffi 

5#BS) |c3Sl\Tg^(r(i)) mod q(Dftt> l J l-g~ ((r(i))" 
(-1)) mod q *«-»-r*Ltf<fcL^o 

[Ol 65] (7«)>K18~20) ±&<7>*&ffi#fifc;fr 

fc*A#*«#*E-r*tflWL. «T3»a>was»ik*aa)» 

[0166] C(60>2SK0H *3£fBI*. USEtftf 1 ~3|Z 



CO^a-CtcfcL^o *fc* Cut and ChoosefttS t 1 
|cm(*WI^Lfc^JHt?3Ei:<rt. ^r(D©©^ilt>-r 

[01 6 7] tt±KMLfeJ:9l=. I** »(I 

*) *&«t*»**yju-^i-«fcoT. *o><fju-zf<» 

[01 ee] ffi*at&(Ccfc^^jE3b<a&ofcii^iz 

^iE# £ "f S* t £j£T* # ft I* £ I* 5 fltt-r -r 

[0 16 9] ftSf*t^-^#iDt§ 

6*1*. L*>U &l«f(3M«lflli, l*n~2*k 
o>*— «r— (n i*inA#a>Bu k l*S!£/^*— I 

[01 70] tffu &®mjt&m mftonmmi o> 

9km (2) CD^^>K3#Ri) T?fr5m=n!/((t+l)!(n-t- 

1) !) co^£:£t+i 5iJK>? h;u*dtr*-&a>»c«fc-3 

T\ n tt+»/Jx*< (n <20) <Clt*ttf. ^FIE^fTofc 
*PA#<D«ISiJI4Sffl±"eHltT?**i:#x6*L* 0 cfco 

[0171] 

*t. c t iz & o r akm&m&it zti&t 

[0 1 ] *^^co 1 USSeycDSfi vXf A0O«tt*A« 

[@2] «a«issscD^p^^««*^-rH-cfc*o 

[03] ttBRTtt«:»tt5Mtt«3Ca)^nft^rH a e& 
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[04] ®&&&nv\<z>mwEiv&z>. 

[0 5] IB&#lfc«i«^IIIia>!&0.8l2T-36&. 

[06] -*|S]ttyvv->3.na<0JM*fi9£*-r0-efc 

[0 7] -;£iRite/vvviS8roi&W0T?a&£. 

[0 8] ©Stt7C«lS^ll<Oitt^0T?fcS. 

[0 9] sj®^a^^ias^js«ia¥-)ii«)iftiB0T?fc 

So 

[01 o] ttl**8&o»il&JlcDl&W0T?fc-&< > 

[01 i] ttim®o&i&&ti;wmo>Kmt>M&o>m.w 

0T?S>-&. 

[012] »tfe§*^«ka#|ll(Oift^0-C'&So 

[01 3] m^m^.xs-&mm±!$.9m^m<nmmm-c6> 

[014] »tk«^o*»«iiaoift^0r-«.s. 

[0i 5] »»®!&<oie^ftisa)Atti73ii«roittW0T- 

[016] »tits*^«ia^][i(OijiW0T-fe-So 



[0i7] ?sgpifig^©SRt;»tfc^ffla^iii<»i$iw 

0T-&-5. 

[0i8] mw^t£tzm®&.tfft&mm.mm^m<Dtsiw 

[01 9] ^ti©^fl>^S:«aa^iiia)ijiM0-efc*. 
[02 0] x&Lm%<£fimm^mo>isivi\MT!ibZ>o 

i i tfSSttSSS 
1 2 

1 3 %&&<i% 

2 i juitss 

2 2 ;HS:jl&31SB 

2 3 SL»&£fcSl 

2 4 IEHS5 

6 1 Bt-^blH]S& 

6 2 Hftsetr@» 
6 3 j\y*s^mm.9&m& 



[01 ] 



[07] 




21- 
22- 



fUA*X 



[0 2] 



12 

± 



I 



13 11 





















seas 



-23 
-24 



ll_r<l) 



D^_r(l) 



s_Kn) 



lk_r<jO 



(15) 
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[03] 



[04] 









S_c(i) 


Ll_c(i)| ■ Lk_cGO 














a - l <D&&S + Li *«3E+ * 



H9M 



'Cut and 



s_r(l) 



s__c(l) 



s(n. 1) 



s c(n) 



8(1. n) 



[b(1. 1) - bO, n) 
s(n. 1) — s(n. n) 



r«<i. i) 

S_C (D= : I - S_c(nJ = 
[sCn. 1) 



6(1. n) 
aCn. n) 



S_t(1)= [b(1. 1) ™ b(1. n>] 
S_j-(n)= Cs(n. 1) — sCn. n>3 



cms] 



[08] 



iZ 



iWA*d 
*SSRl.d 



5S£ 



tBfficfe&-fc1B« 
BU 



351 



Z2I 



rt 



3L 







filASd 




fllASn 


JUR2.L 




OBR&d 







fluAftdcJ^-c 

BLd 



CtHA«d&*©) 
B2i 



toASl 




ioASd 




toA*n 


B1R&1 




MBRSLd 







aiA#dici-=r 



&IAS1 




imA*d 




filASn 


»BR4J 




WBR44 




»R R4.n 



B4i 



imA«i 




SOA«d 






UR&.1 




MUBR&d 




JOfiRStn 



B&l 







HlA»d 






as pi 




AfiBPd 




fiffiPn 



ftlA*l 




&ASd 






JQcSRL.l 




ftSRLd 







JI 

IK 



2£ 



JI 

3J1 



itasnfcws 

BU 



zha«i 




JnASd 




flOA*n 


JUBR2L1 




feSR&d 







SflJAWitt-t^-c 
B2J 



filASl 




MASd 
JBfiR&d 




flnASn 
JSSRSLii 



«ft]A#Ite<J:*» 
B3J 



OlA«l 




fioASd 




JEA%ti 













&aiASifi)flI^a_i 



(16) 



8-204697 



[H6] 



[09] 



(c) 



(a) 



64tdtE 
ft 61 



E 



II " " JL 



^4bit&- -Sibils-- 



7bita -*-U2btta-»- 



F 



hr= U- U 

a 1 A a i A a n A 

(a) 



A (I) =g mod q 



A(i)< 



a(l) 



i 




i 







|a(fl A(n)V 



aCn) 



a = a (l)+—+afc) 
(mod* p) 




I - I — I 

a_l a_J. a_n 

A=A(1) *--*A(a) mo 
CM 



— Hants— 




II 5] 



'i mo - 1 



x = ax + by mod N 



i -- i - r 




x = x"*y mod N 



(17) 
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[01 O] 



x_jr<U- 



x_r(n) - 



x_c(l) 




X__C<0) 








|x(l. 1)| 




x(l, n) 








■ x(n. 1) 




x(n, n) 



y_*l) 



y_Kn) 



7_c(l) 



y_c(n) 



Kl-D 



y(n, 1) 



|yCl, tQ I 



y<n, n) 



mm 



x_r(l) 



x_r(a) 
+ y_^rfiO 



_c(l) 



xCl. l)+y(l. 1) 



x<n, L) 
+y(n, 1) 



i_c(n) 
+ y_c(n) 



id, n)+y(l. n) 



x(n, n) 

+y(n, a) 



□□ra 



(18) »8-204697 



11 2] 



r_l 



r n 



a 1 



EMI 





(H10. 11 #M) : 


s = 


r + a * e (mod p) 





\7 

(R, s) 



(R. s) 



> 5 9 X K 1 - 6 



> y f ^ K7 



5f y K8-10 



[017] 



Hz 



JQA«d<DA2Js 

_L 



fcA«d 



BU 



JE 
IK 



JT 
"V" 



331 



J_ BLd 







inA*d 






nmva>i 




fcHRad 




JOBE&n 













AfiRll 




OSRld 




OffiRln 







JIlASd 






&£3R5a 




ft£3RS4 







aiA«dc«i:r>r 
B4i 



B&i 



(19) 
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Ml 3] 









1 


i 


n 



I G = I 0 ••••• I II 

a 1 A a_i A a n A 

(a) 



. IF 



1 




1 




n 













A(l) = a(l) mod N 



A(i) 



a(l) 



ad) A(n) 



a(n) 



a = a(l)*"-*a (n) 
(mode N) 



> > K 1 - 5 



a_l 



I - t 



a_n 



A = A(i) *-*A(n) mod N 



(b) 



(20) 



8-204697 



II 4] 



r_r<l) ■ 



x_r(ii)« 



x(l, 1) 



x(n. 1) 





x_c<l) 













x(l.n) 



i(n, q) 



y_r<l) 



y_r<n) 



7_c(l) 



yO.D 



y(n, 1) 



7_c(n) 



F<1. n) 



y(n, n) 



x_r(a) 





x_g<1 

■* 


> 

r_c(l) 




x_c(n) 

• y_cCn) 












1 








x(L. l>yU, 1) 








xCl.n)-y(l.n) 




















x<n, 1) 
•y(n. 1) 








x(n, n) 

•yCn. n) 







mm 



(21) 
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II 6] 



r_l 



r_n 



a 1 



* -/ -b — i> 



V 9 •> x K 1 - 6 



a n 



s = r * a" (mod N) 



5f x K8- 10 



(R. s) 



CR. s) 



(22) 



8-204697 



11 8] 



iZ 



aygpi 



IT 



JL 

3wT 



JL 
iZ 



fiHRZd 



JL 
IZ 



n 
^z 



JL 
iZ 



JL 
iZ 



iHA«d 



TT 



1 

















ABRBud 




JftSR&n 



it 



31 



TT 



B6i 



BRi 



B7J 







fclA»d 




inA#n 






BBRKd 




ffkSBR&n 



MAS1 




iaA*d 




inA«n 


5BSR9.1 




AS RSld 




IttfflRSLn 







MA«d 






J&SR10.1 




feSRlOLd 







B10J 



(23) ^W8-204697 



CHI 9] 



y_i 
_l 



x i i i n 



1 i n 

Z = X * Y 
1 i n 



T 



♦ — I 



z 1 z i 



y_i 



J 



y_i y__n 



X_Jl 



i 



o 



Si 



r(l)+-+r<n) 



r(i) 



mm 



r(l)y +— +r(n)y 



o 



► Kl- 10 



►(ry)_I > ^tf>K12 



z = ry — uy 

♦ — * -- I 

z 1 z i z n 



) 
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[g)2 O] 



r_l 



a 1 



a n 
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multiplication and the message are processed by using 
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